WordPress OneSignal Plugin Cross-Site Scripting

A Cross-Site Scripting vulnerability exists in WordPress OneSignal plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system.

You can read the full article here.